#!/usr/bin/env php
<?php
/**************************************************************************
 *
 *   Copyright 2010 American Public Media Group
 *
 *   This file is part of AIR2.
 *
 *   AIR2 is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation, either version 3 of the License, or
 *   (at your option) any later version.
 *
 *   AIR2 is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with AIR2.  If not, see <http://www.gnu.org/licenses/>.
 *
 *************************************************************************/

require_once 'app/init.php';
require_once APPPATH.'../tests/Test.php';
require_once APPPATH.'../tests/AirHttpTest.php';
require_once APPPATH.'../tests/AirTestUtils.php';
require_once APPPATH.'../tests/models/TestSource.php';
require_once APPPATH.'../tests/models/TestUser.php';
require_once APPPATH.'../tests/models/TestOrganization.php';
require_once APPPATH.'../tests/models/TestProject.php';

define('MY_SSEARCH_UUID', 'fooBar123456');
define('MY_TEST_PASS', 'fooBar123.');

plan(11);

// clean up any previous run
AIR2_DBManager::init();

// Create 4 users in 3 different orgs.
// 2 users in different orgs share a common project.
$users = array();
$count = 0;
while ($count++ < 4) {
    $u = new TestUser();
    $u->user_password = MY_TEST_PASS;
    $u->save();
    $users[] = $u;
}

$orgs = array();
$count = 0;
while ($count++ < 3) {
    $o = new TestOrganization();
    $o->save();
    $orgs[] = $o;
}

$orgs[0]->add_users(array($users[0], $users[1]));
$orgs[0]->save();
$orgs[1]->add_users(array($users[2]), 3);  // 3==WRITER
$orgs[1]->save();
$orgs[2]->add_users(array($users[3]));
$orgs[2]->save();

$project = new TestProject();
$project->add_orgs( array($orgs[1]) );    // important for tests below
$project->save();

// create a saved search owned by user #1
$query = new AIR2_Query();
$query->from('SavedSearch');
$query->where('ssearch_uuid=?', MY_SSEARCH_UUID);
$ssearch = $query->fetchOne();
if ($ssearch && $ssearch->exists()) {
    diag("found existing ssearch");
    ok($ssearch->delete(), "delete old record");
}
else {
    pass("no old record");
}
$ssearch = new SavedSearch();
$ssearch->ssearch_uuid = MY_SSEARCH_UUID;
$ssearch->ssearch_name = MY_SSEARCH_UUID;
$ssearch->ssearch_params = '{"foo":"bar"}';
$ssearch->ssearch_cre_user = $users[0]->user_id;
$ssearch->ssearch_public_flag = 1;
$ssearch->add_projects(array($project));
$ssearch->save();


//diag("orgs[0] id=".$orgs[0]->org_id);
//diag("orgs[1] id=".$orgs[1]->org_id);
//diag("orgs[2] id=".$orgs[2]->org_id);

/*******************************************************
 * actual tests
 */
// user #0 owns it
is( $ssearch->user_may_read( $users[0] ), AIR2_AUTHZ_IS_OWNER, "check user 0");

// group connection
is( $ssearch->user_may_read( $users[1] ), AIR2_AUTHZ_IS_ORG, "check user 1");

// project connection
is( $ssearch->user_may_read( $users[2] ), AIR2_AUTHZ_IS_PROJECT, "check user 2");

// no connection
is( $ssearch->user_may_read( $users[3] ), AIR2_AUTHZ_IS_DENIED, "check user 3");

$q = AIR2_Query::create();
$q->from('SavedSearch ss');
SavedSearch::query_may_read( $q, $users[0] );
is( $q->count(), 1, "owner query_may_read");

$q = AIR2_Query::create();
$q->from('SavedSearch ss');
SavedSearch::query_may_write( $q, $users[0] );
is( $q->count(), 1, "owner query_may_write");

$q = AIR2_Query::create();
$q->from('SavedSearch ss');
SavedSearch::query_may_read( $q, $users[1] );
is( $q->count(), 1, "org query_may_read");

$q = AIR2_Query::create();
$q->from('SavedSearch ss');
SavedSearch::query_may_write( $q, $users[1] );
is( $q->count(), 0, "non-owner !query_may_write");

$q = AIR2_Query::create();
$q->from('SavedSearch ss');
SavedSearch::query_may_read( $q, $users[2] );
is( $q->count(), 1, "project query_may_read");

$q = AIR2_Query::create();
$q->from('SavedSearch ss');
SavedSearch::query_may_read( $q, $users[3] );
is( $q->count(), 0, "authz denied query_may_read");


// clean up
$ssearch->delete();
